Online credentials seriously breached: says Swiss agency

The Reporting and Analysis Centre for Information Assurance (MELANI) which was commissioned by the Federal Council to protect critical infrastructure in Switzerland on Tuesday stated that a classified source had passed on copies of stolen data to the cybercrime center.

This was reported after news from Switzerland’s cybercrime monitoring center announced that about 21,000 personal details and passwords used in accessing online services were stolen and illegally used.

Blackmail, fraud, and phishing among others are all illegal activities which are expected to happen with regards to the stolen passwords and account information or details the agency stated in an attempt to warn or enlighten the public.

The agency went ahead to advise people affected to change their password and if preferable create a new password for each online service. Two-factor or Two-step authentication can also be activated.

Cybercrime continues to be a concern, as hacking and data breaches have increased worldwide. Cyber criminals have resorted to spam and phishing e-mails to compromise victim’s online accounts and steal personal information

Business accounts are also targeted for information on payment methods and outstanding invoices. Cyber criminals use the information to send fake invoices demanding payment to a designated account.

Although many attempts and efforts are being made to put a halt to this problem, there has been an increase in the level of professionalism in Cybercrime incidents.

Typically phishing emails and fraud are obvious because the grammar is poor and the email address is obviously someone other than the person who signs the email. Yet, there is now a higher standard and the quality of emails are improving daily, making it nearly impossible to notice.

Over the years, Nonviolent petty crimes such as vehicle thefts (cars, bicycles, motorcycles), and burglaries were the primary concerns throughout Switzerland with Drug-related offenses also common but generally not involving violence.

Well, things seem to have changed with the number of cyber attacks incidents soaring up. Reports from authorities further seem to indicate that, the problem is expected to get unpleasant. This includes both the size and nature of which these crimes are being committed.

14,033 cybercrime cases were reported to police in Switzerland last year, and comparing it to the 11,575 in 2015 and 5,330 in 2011, an increase is clear.

KPMG, a global network of professional firms providing Audit, Tax and Advisory services in a recent survey found that about 88% of companies in Switzerland had been victims of cyber attacks in the past year compared to 54% in 2016.

Additional reports also suggest that many people, firms, and companies are unprepared for this online storm.

“There have been situations in which private interests such as reputational risk have outweighed the interests of a prosecution,” Stephan Walder, the Canton Zurich prosecutor wrote in the KPMG cybercrime report.

Also just some months ago, over 200 IP addresses in Switzerland were affected by the WannaCry ransomware attack that has brought major organizations to a halt.

The attack began on Friday, May 12, 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries, and as of the following Sunday night a statement from MELANI revealed that there were 183 potential victims in Switzerland.

MELANI later on Monday morning gave out information that the figure had risen to 200 according to their director.

The attack targeted computers that had Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin, an online cryptocurrency.

Although no major organizations in Switzerland as of now have been affected, according to reports MELANI said there may be thousands of potentially vulnerable computers.

Organizations such as Telecommunications Company Swisscom, Swiss federal railways (SBB) and major Swiss banks and pharma companies contacted MELANI and took preventative measures, amid fears of further attacks.

In an attempt to tackle this problem, Swiss scientists earlier this year developed new defenses to protect both businesses and individuals from attack. This happened after the Petya ransomware attack occurred in Ukraine.

Head of ETHZ’s Network Security Group, Adrian Perrig, at a cyber risks summit at Zurich’s Federal Institute of Technology (ETHZ) argued that the random nature of routing data through cyberspace makes it vulnerable to theft, hijacking, and manipulation.

“Imagine walking home at night with no choice of the route you take. You could be sent along a well-lit, guarded road or a back alley frequented by muggers,” he stated.